Cybernetic Proving Ground Radek Oslejsek et al. oslej sek@fi.muni.cz lyij ®CSIRT \AU ICT Networking Event: Security & Visualization Vienna Austria, 7th October 2013 About Us and Backround Project team o Computer Security Incident Response Team - MU o Institute of Computer Science Masaryk University o Faculty of Informatics Masaryk University Finished Projects o CAMNEP: co-operation with U.S. Army o CYBER: project for Czech Ministry of Defence Running Projects o CPG: project for National Security Authority o CYBER2: project for Czech Ministry of Defence R. Oslejsek et al. Cybernetic Proving Ground 2/9 Motivation o Unique environment for security development and testing o Simulation of an network, systems, services and applicatio Network traffic Management & Measurement channel Security Scenario o Generic way to describe security-related experiment o Motivation of a (real life) cyber attacks 2013 (Year One) 2014 (Year Two) 2015 (Year Three) ^ 1 //]\_, ( S 1 £3 4 ] mwmrn mmmm Distributed Denial w ■ Critical Infrastructure of Service attack Inrastracture as a Service Cloud infrastracture o Dedicated sandbox for security scenarios o Utilize existing cloud infrastructures o Hiding technical aspects from users o Fully transparent to virtualized ^ MetaCentrum Cent OpenNebula.org scientific cloud o Flow-based IPFIX measurement with application visibility o Data analysis, misuse and anomaly detection methods o Designed to highlight significant aspects of concrete scenario o Topological view for rapid overview of CPG infrastructure o Statistical graphs and special views for forensic analysis and anomalies detection, etc. - \i _ [II _ I 1 :::: - 1 ML J:: I lli;;:. Conclusion Summary o Complete network can be simulated (including hosts, network components and network topology) o End users can set up environment very quickly without the necessity to know details about how to configure networking o Security scenarios provide a generic way to describe an attack and enables to run its simulation executed in controlled manner o CPG is aimed at employing advanced visualization techniques that would contribute to interactive simulation and analysis o Basic prototypes of crucial parts already implemented and partially tested Co-operation offers 0 Collaboration on scenarios creation o Your possible scenarios testing R. Oslejsek et al. Cybernetic Proving Ground